=Paper=
{{Paper
|id=Vol-2336/MMHS2018_invited
|storemode=property
|title=Ten Years of the e-Health System in Estonia
|pdfUrl=https://ceur-ws.org/Vol-2336/MMHS2018_invited.pdf
|volume=Vol-2336
|authors=Janek Metsallik,Peeter Ross,Dirk Draheim,Gunnar Piho
}}
==Ten Years of the e-Health System in Estonia==
https://ceur-ws.org/Vol-2336/MMHS2018_invited.pdf
Ten Years of the e-Health System in Estonia
Janek Metsallik1 , Peeter Ross1 , Dirk Draheim2 , and Gunnar Piho2
1
Department of Health Technologies
Tallinn University of Technology
Akadeemia tee 15a, 12618 Tallinn, Estonia
{janek.metsallik,peeter.ross}@taltech.ee
2
Information Systems Group
Tallinn University of Technology
Akadeemia tee 15a, 12618 Tallinn, Estonia
{dirk.draheim,gunnar.piho}@taltech.ee
Abstract. The e-health system in Estonia, called the Estonian nation-
wide Health Information System (EHIS) has been operational since the
end of 2008. The main success factors for the e-health system in Estonia
are clear governance, legal clarity, a mature ecosystem, agreement about
access rights, and standardization of medical data and data exchange
rules. We present a short history, outline the general business and tech-
nical architecture and discuss the lessons learned.
Keywords: e-Health system, e-state system, Estonian nationwide Health
Information System (EHIS).
1 Introduction
There are 1.3 million citizens in Estonia and every citizen and every resident
has a unique ID-number. In Estonia, 88% of households have a broadband con-
nection (2015), 82% of households use a mobile Internet connection (2016), 96%
of income tax declarations are made via the e-tax board (2016), 32% of votes
were cast over the Internet (2017), and 99% of bank transfers are carried out
electronically. The NATO Cooperative Cyber Defense Centre is in Estonia and
Skype, Transferwise and Taxify have been developed there.
The healthcare system in Estonia is based on health insurance, paid by em-
ployers. Healthcare providers in Estonia can be private, municipal or govern-
mental. Most hospitals are publicly owned, and most general practitioners are
private entrepreneurs. Healthcare costs make up to 6% of the GDP (9.5% in
the OECD area). The e-health system in Estonia, called Estonian nationwide
Health Information System (EHIS), has been operational since the end of 2008.
EHIS, by containing the health data of every Estonian resident virtually from
birth to death, integrates different healthcare databases and services and makes
it possible to access medical data, prescriptions and medical images online in
a secure and trusted way. The goal of the Estonian e-health system is to de-
velop patient-friendly, efficient and high-quality healthcare services. In addition,
�2 Janek Metsallik, Peeter Ross, Dirk Draheim, and Gunnar Piho
it aims to make time-critical medical information accessible for physicians and
to decrease the level of bureaucracy in the daily routine of physicians.
The three main layers of the EHIS are the data layer, the data transfer layer
and the application layer. The data layer consists of the data repositories for stor-
ing the medical documents and images. The data transfer layer provides a secure
Internet-based infrastructure for data exchange both for citizens and healthcare
providers. The developing and open-ended application layer is to provide services
for different parties (citizens, healthcare providers, government authorities, pol-
icy makers, etc.) according to their demands now and in the future. Ten years of
experience has shown that both the citizens and healthcare professionals, as well
as politicians and government authorities, have accepted the e-health system.
In Sect. 2, we present a short history of the e-health system in Estonia. Next,
in Sect. 3, we describe the services and the architecture of the Estonian e-health
system. In Sect. 4 we present the e-state infrastructure, including the security
and legal infrastructure, that is used in the e-health system. Finally, in Sect. 5 we
conclude by discussing some lessons learned from the Estonian e-health system
operation.
2 Historical Overview
The story of the Estonian e-health system states back to the first years of inde-
pendence of Estonia and is closely related to the activities and influence of the
first Prime Minister, Mr. Mart Laar, and his team. Mr. Laar served as Prime
Minister of Estonia from 1992-1994 and 1999-2002. In those years, information
technology was seen as an opportunity to develop the economy and politics in
Estonia – a small and developing country. Firm foundations were built for many
of the initiatives that today form the e-state of Estonia3 , including e-banking,
e-health, e-documents [1–4], e-school, e-taxation, e-voting, etc.
As Estonia lacked legacy software at that time, and information technol-
ogy was underdeveloped in the Soviet period, the utilization and deployment of
information technology began to evolve rapidly during the first years of indepen-
dence. Society believed in information technology and started using information
technology in all domains, including healthcare. Fig. 1 illustrates the history of
the e-health system in Estonia. Between 1990 and 2000, hospitals, general prac-
titioners and other health providers started developing their own information
systems and introducing the use of electronic health records. Several small and
medium sized software companies, focusing on the development of healthcare
systems, were founded at that time. In the same decade, the informal planning
and the first ideas of the development of a nationwide e-health system were
initiated.
The active preparation of the Estonian e-health project by the government
authorities and proponents of e-health system took place between 2003 and 2005,
however some important events took place earlier. In 2001, the digital invoicing
3
https://e-estonia.com/
� Ten Years of the e-Health System in Estonia 3
Project eHealth eHealth
Planning Digital
preparation Foundation Projects
initiated stamp
(2003-2005) established (2006-2008)
2000 2003 2006 2008 2010 2015
Funding decision by National
ePrescription
Ministry of Economic HIS
Affairs
Implementation
of new
Electronic Digital Digital Digital e-services
Health Record Images Prescription Registration
Fig. 1. The history of the EHIS platform.
system for electronic transfer of reimbursement claims, called Estonian Health
Insurance Fund (EHIF), was launched. In 2002, all pharmacies were obliged by
law to transmit the prescription information for reimbursement to the EHIF
electronically. Over 75% of healthcare providers and 45% of all pharmacies had
signed data transmission contracts. In 2005 all the reimbursement claims and
prescription data in Estonia were submitted electronically.
The foundation for EHIS was established in 2005, when the Ministry of Social
Affairs launched a concept for the e-health system. This concept postulated four
main projects, i.e., electronic health records, digital images, digital registration
and digital prescription. Soon after that, the official body for the development
of EHIS, called the e-Health Foundation, was established. The e-Health Foun-
dation was responsible for the development, financing and management of the
the system. EHIS was funded by the EU (e 1,196,206) and Estonia (e 398,735)
and was launched at the end of 2008.
EHIS continues to develop and add new functionalities and services. E-
prescription, digital stamps, a driver’s license health certificate application, drug-
drug interaction services and e-registration are examples of such e-services. To-
day, EHIS is operated and developed by TEHIK4 , a government-owned private
company. The system contains the health records of all the residents in Estonia
and more than 10,000 healthcare professionals use the system on a daily basis5 .
In September 2017, the actual number of medical documents in the system was
more than 30 million.
Although Estonia has about 1.32 million citizens, EHIS contains health in-
formation for 1.54 million people. Overall, 14 different medical document types
are in use, covering more than 17 million out-patient case summaries, around
2 million stationary case summaries, and more than 8 million different medical
4
https://www.tehik.ee/
5
https://e-estonia.com/e-health-estonian-digital-solutions-for-europe/
�4 Janek Metsallik, Peeter Ross, Dirk Draheim, and Gunnar Piho
Patient queries per month Healthcare professional queries per month Documents per month
2500000
2000000
1500000
1000000
500000
0
Fig. 2. The use of digital health data in EHIS platform.
diagnostic examination reports, including radiology reports and laboratory re-
sults [5]. Fig. 2 illustrates the growth in the number of the queries in EHIS per
month. It was close to zero when the system started in 2008 and now more than
1.2 million queries per month are made by patients (black line) and more than
1.6 million by the healthcare professionals (gray line). In these queries, about
800,000 different healthcare documents per month (dotted line), are utilized.
3 Services and Architecture
EHIS is not a big centralized database but a federated system of mutually inde-
pendent yet integrated healthcare-related software services [6]. Fig. 3 illustrates
the main elements of the system.
The most widely implemented e-health project in Estonia is a nationwide
health information exchange platform, which is called the nationwide Electronic
Health Record (EHR) system. The EHR platform, which is based on widely ac-
cepted international standards such HL7 CDA (HL7 Clinical Document Archi-
tecture)6 , DICOM (Digital Imaging and Communications in Medicine)7 , LOINC
(Logical Observation Identifiers Names and Codes)8 , etc., enables exchange of
digital health documents in a standardized way. The EHR project began the
ongoing standardization of digital health data artifacts in Estonia. By the be-
ginning of 2017, a number of 1,163 healthcare institutions were sending and
6
http://www.hl7.org/
7
https://www.dicomstandard.org/
8
https://loinc.org/
� Ten Years of the e-Health System in Estonia 5
retrieving medical data using the EHR platform. The average number of queries
was close to 50,000 queries per day. It is important to note that all medical data
entered is digitally signed either by the physicians or healthcare institutions.
Digital signing is also discussed in Sect. 4.
The other widely used healthcare service provided by EHIS is e-prescription.
Physicians upload prescriptions, in electronic form, to the prescription center
database, from where any pharmacist can request currently valid or previously
dispensed prescriptions. The e-prescription system, that has been launched at
the beginning of 2010, was very quickly accepted by all parties and today ap-
proximately 99% of medical prescriptions in Estonia are issued electronically.
For more information about the e-prescription experience in Estonia, see [7].
The Picture Archiving and Communication System (PACS) is for sharing
medical images between health institutions. Today all radiology facilities in Es-
tonia have the duty to send, achieve and retrieve radiology images using the
central PACS. Radiologists and all referring physicians have web-based access
to PACS once they have signed the necessary contract with the Estonian Health
Image Archive Foundation, the responsible authority of PACS.
Cancer. HIV. Myocardial infarction.
EMERGENCY MEDICAL SERVICE
STATE AGENCY OF MEDICINES
POPULATION REGISTER
- Handlers of medicines
- Health care providers
HEALTH CARE BOARD
BUSINESS REGISTER
- Health professionals
QUALITY REGISTERS.
- Dispensing chemists
FAMILY DOCTORS
SCHOOL NURSES
Tuberculosis. Etc.
2010 September
- Coding Centre
2010 January
PHARMACIS
HOSPITALS
2009
2009
2014
Secure data exchange layer provided by the state
X-Road, ID-card, mobile-ID, State IS Service Register
DRIVING LICENCE
SFINX
HEALTH CERTIFICATE
Drug-drug
APPLICATION
2015 X-ROAD GATEWAY Interaction database
SERVICE 2016
NATION-WIDE
2009
HEALTH PRESCRIPTION
PATIENT PORTAL INFORMATION CENTRE
2009 EXCHANGE PLATFORM 2010 January
PHARMACIES AND 2008 December
FAMILY DOCTORS
2009
Fig. 3. Main elements of the Estonian nationwide Health Information System (EHIS).
EHIS also hosts many central registers and databases such as of hospitals,
family doctors (general practitioners), pharmacies, school nurses, medicine in-
teractions, and different quality registers (cancer, HIV, tuberculosis, etc.). Fur-
thermore, it utilizes several nationwide registers such as the population and the
business register.
�6 Janek Metsallik, Peeter Ross, Dirk Draheim, and Gunnar Piho
One of the crucial parts of EHIS is the patient portal [8–11]. Using the patient
portal, the user can:
• log in with ID card or mobile ID;
• view and update personal data and add contact data of close relatives;
• view his/her medical data from healthcare providers;
• view electronic referral letters and electronic prescriptions;
• add representatives for him/herself for actions such as collecting e-prescriptions;
• make declarations of intent (e.g. donation of organs);
• access health insurance data;
• hide sensitive health data from doctors and representatives;
• complete a health declaration form before an appointment;
• view the log of who has accessed his/her data.
Feedback from the healthcare providers’ and the Estonian e-Health Founda-
tion’s helpdesks shows that, when patients do not have access to their health data
(for example during system upgrade), they immediately contact the helpdesk.
They are periodically interested in their data and want to view their test results
before appointments. This information supports the idea that making health
data easily accessible to patients will encourage them to take a more active role
in monitoring their health.
4 The Infrastructure
EHIS is not a separate system but an integrated part of the Estonian e-state
system used by the public and the private sector. The e-state system, by se-
cure data exchange and authentication methods, provides a mature ecosystem
for the e-services in Estonia. E-banking, e-school, e-taxation, e-voting and other
e-services are all using this ecosystem. The most important parts of this ecosys-
tem are the X-Road [12–14] (governmental service bus) and the e-identity [15]
PKI (Public Key Infrastructure). X-Road (or X-Tee in Estonian) 9 is a data
exchange layer for enabling a secure Internet-based data exchange between in-
formation systems. To ensure secure transfers, all outgoing data from X-Road
is digitally signed and encrypted, and all incoming data is authenticated and
logged. X-Road is based on the protocols and patterns of the standard SOA
(Service-Oriented Architecture) stack [16, 17], i.e., SOAP (Simple Object Access
Protocol) messages and WSDL (Web-Service Description Language) and utilizes
the following principles:
• it enables the information systems of X-Road members to communicate with
the information systems of data service providers across any software plat-
forms;
• X-Road members are able to request access to any data services provided
through X-Road;
9
Both X-Road and X-Tee are registered trademarks.
� Ten Years of the e-Health System in Estonia 7
• in X-Road, international standards and protocols are used wherever possible;
• exchanging data through X-Road does not affect the integrity, availability
or confidentiality of the data.
Since 2002, in Estonia, every resident has had a digital identity. This identity
is based on the unique identifier (personal ID number), digital certification or-
ganizations (police, certification center), and physical security devices like smart
card (ID card), mobile SIM card (mobile ID) and smart ID. The digital identity
has two functions: authentication and digital signature. The digital signature is
available also for companies in the form of digital stamping.
Besides X-Road and e-identity, the important infrastructure for e-health is
a legal environment initiated by the Estonian government and implemented by
the Parliament. The first idea was to create separate legislation for the e-health
system. However, due to the natural relationship between the e-health system
and the healthcare system, and also due to the desire to direct healthcare pro-
fessionals to accept and to use the e-health system, the relevant legislation was
made part of the healthcare legislation.
The Health Services Organization Act, which regulates the healthcare service
provision, was extended by a new chapter for EHIS. This chapter lays down the
responsibilities of patients, health service providers, and provides requirements
for document standards, etc. For example, all healthcare providers must send
certain health data to EHIS. The set of documents is defined by the law. The
Act also states that access to patient data is available only to licensed medical
professionals, legal representatives or patients trustees. In the Estonian e-health
system, the concept of the attending doctor has been introduced. This means
that the physician or a nurse must prove the treatment relation to the patient,
when accessing the patient’s data in EHIS. The Act also states (and this is re-
alized in the patient portal), that the patient has the right to hide their data so
that healthcare professionals are no longer able to view them. This could be done
either by hiding a single document or by hiding all their personal data in EHIS.
All attempts to view healthcare data in EHIS are monitored by the government
authorities and reported to the patients in the patient portal. In case of suspi-
cions of unlawful access to the data, necessary actions are taken immediately.
According to the Act, the ethical committee was created to lead the discussions
on patients rights and to select the proper system for the EHIS. Citizens can
access their own data, declare intentions and preferences, and monitor logs.
5 Discussion and Conclusion
The Estonian e-health system is unique as it is nationwide, integrates defined
healthcare data of all healthcare providers and provides an overview of the health
condition of every resident from birth to death. Such a comprehensive data
system requires a robust security system. The security of the Estonian e-health
system is ensured by the following six techniques:
• A secure authentication and authorization of all users with ID card, mo-
bile ID or smart ID;
�8 Janek Metsallik, Peeter Ross, Dirk Draheim, and Gunnar Piho
• Digital signing (by individuals) or digital stamping (by institutions) of all
medical documents;
• Accountability and transparency provided by an untamperable and unre-
movable secure log (audit trail) containing all actions;
• Coding of personal data ensures separation of personal data from medical
data;
• Encrypted database records allow a minimal confidentiality risk from the
technical administrators of the system;
• Monitoring of all actions together with the corresponding countermeasures
(both organizational and technical) allows identification of fraud and misuse
quickly and definitely.
Huge change management issues that digitalization brings to healthcare is
always a challenge. The observations and difficulties that were related to the
Estonian e-health system were (and are) as follows:
• Physicians and other professionals must change the way they fill out medical
files to some extent – the trend is towards more uniform language;
• Semantic interoperability of medical data is hard to achieve;
• Data quality and secondary usage of data is still challenging;
• General acceptance of hospital personnel to share medical data in patient
portal with patient is problematic;
• Much attention must be paid to the security and electronic authentication
of the users;
• User interface development must not be underestimated;
• Medical data is not what people are looking for – they are interested in
services.
As an example, related to the last claim in the list above, e-health ser-
vices that are crossing institutional and/or sectoral borders such as e-referral,
e-consultation, e-prescription or filling in health declarations for a driving li-
cense application are the most popular services among the users. These types of
services make healthcare processes more effective and save time for both health-
care professionals and individuals. The exchange of data and digital documents
between institutions also puts high demands for data quality [18, 19] and has a
clear potential to increase healthcare quality in general.
The aim of the Estonian e-health system was to develop a platform for health
information exchange. However the solution had to provide some tangible ser-
vices as well. During the first phase of the system, the scope to provide certain
standardization and applications for most valuable documents and data was set,
including outpatient summary notes, inpatient discharge letters, demographics,
time-critical health data reports, and diagnostic image references.
Even though Estonia is considered an IT-mature society, it is important to
understand that, similar to other European countries, Estonian society has mem-
bers whose computer skills do not allow them to use e-services comfortably. This
means that the digital society ecosystem should be accompanied by activities to
� Ten Years of the e-Health System in Estonia 9
educate society members and to decrease the digital divide. New e-services must
not replace ordinary services but should complement them to make processes
more efficient and affordable for the whole society. This is the leading concept
in the implementation of EHIS in Estonia, meaning that patients still have the
right and the opportunity to receive services in conventional ways.
References
1. Ansper, A., Buldas, A., Freudenthal, M., Willemson, J.: High-performance quali-
fied digital signatures for X-Road. In Nielson, H.R., Gollmann, D., eds.: NordSec
2013 – the 18th Nordic Conference on Secure IT Systems. Volume 8208 of Lecture
Notes in Computer Science., Springer (2013) 123–138
2. Draheim, D., Koosapoeg, K., Lauk, M., Pappel, I., Pappel, I., Tepandi, J.: The de-
sign of the Estonian governmental document exchange classification framework. In
Kő, A., Francesconi, E., eds.: Electronic Government and the Information Systems
Perspective, Cham, Springer International Publishing (2016) 33–47
3. Pappel, I., Pappel, I., Tepandi, J., Draheim, D.: Systematic digital signing in Esto-
nian e-government processes. Transactions on Large-Scale Data- and Knowledge-
Centered Systems XXXVI: Special Issue on Data and Security Engineering (2017)
31–51
4. Pappel, I., Oolu, K., Saarevet, K., Lauk, M., Draheim, D.: The digital archiving
process in estonia assessment and future perspectives. In Dang, T.K., Wagner, R.,
Küng, J., Thoai, N., Takizawa, M., Neuhold, E.J., eds.: FDSE’2107 - the 4th In-
ternational Conference on Future Data and Security Engineering, Cham, Springer
International Publishing (2017)
5. Piho, G., Tepandi, J., Parman, M.: Towards LIMS (laboratory information man-
agement systems) software in global context. In: MIPRO’2012 – the 35th Inter-
national Convention on Information and Communication Technology, Electronics
and Microelectronics, IEEE (May 2012) 721–726
6. Parv, L., Saluse, J., Aaviksoo, A., Tiik, M., Sepper, R., Ross, P.: Economic impact
of a nationwide interoperable e-health system using the PENG evaluation tool. In
Mantas, J., Andersen, S.K., Mazzoleni, M.C., Blobel, B., Quaglini, S., Moen, A.,
eds.: MIE’2012 – Quality of Life through Quality of Information. Studies in Health
Technology and Informatics (2012) 876–880
7. Parv, L., Kruus, P., Mõtte, K., Ross, P.: An evaluation of e-prescribing at a national
level. Informatics for Health and Social Care 41(1) (2014)
8. Essen, A., Scandurra, I., Gerrits, R., Humphrey, G., Johansen, M., Kiergegaard, P.,
Koskinen, J., Liaw, S., Odeh, S., Ross, P., Ancker, J.: Patient access to electronic
health records: Differences across ten countries. Health Policy and Technology 7(1)
(2018) 44–56
9. de Lusignan, S., Ross, P., Shifrin, M., Hercigonja-Szekeres, M., Seroussi, B.: A
comparison of approaches to providing patients access to summary care records
across old and new europe: an exploration of facilitators and barriers to implemen-
tation. In Lehmann, C., Ammenwerth, E., Nohr, C., eds.: MEDINFO 2013 – the
14th World Congress on Medical and Health Informatics. (2013) 397–401
10. Sepper, R., Ross, P., Tiik, M.: Nationwide health data management system: a
novel approach for integrating biomarker measurements with comprehensive health
records in large populations studies. Journal of Proteome Research 10(1) (2011)
97–100
�10 Janek Metsallik, Peeter Ross, Dirk Draheim, and Gunnar Piho
11. Tiik, M., Ross, P.: Patient opportunities in the Estonian electronic health record
system. Medical and Care Compunetics 6 (2010) 171–177
12. Kalja, A.: The X-Road : a key interoperability component within the state infor-
mation system. In Odrats, I., ed.: Information technology in public administration
of Estonia – yearbook 2007, Tallinn, Ministry of Economic Affairs and Communi-
cations (2008) 19–20
13. Kalja, A.: The first ten years of X-Road. In Kastehein, K., ed.: Information
technology in public administration of Estonia – yearbook 2011/2012, Tallinn,
Ministry of Economic Affairs and Communications (2012) 78–80
14. Kalja, A., Robal, T., Vallner, U.: New generations of Estonian eGovernment com-
ponents. In: PICMET’2015 – the 15th Portland International Conference on Man-
agement of Engineering and Technology, IEEE (2015) 625–631
15. Tsap, V., Pappel, I., Draheim, D.: Key success factors in introducing national e-
identification systems. In Dang, T.K., Wagner, R., Küng, J., Thoai, N., Takizawa,
M., Neuhold, E.J., eds.: FDSE’2107 - the 4th International Conference on Future
Data and Security Engineering, Cham, Springer International Publishing (2017)
455–471
16. Draheim, D.: The service-oriented metaphor deciphered. Journal of Computing
Science and Engineering 4(4) (2010) 253–275
17. Atkinson, C., Bostan, P., Draheim, D.: Foundational MDA patterns for service-
oriented computing. Journal of object technology 14(1) (2015) 1–30
18. Tepandi, J., Lauk, M., Linros, J., Raspel, P., Piho, P., Pappel, I., Draheim, D.:
The data quality framework for the Estonian public sector and its evaluation.
Transactions on Large-Scale Data- and Knowledge-Centered Systems 35 (2017)
1–26
19. Ross, P.: Importance of data quality in nation-wide e-health system for person-
alized medicine decision support applications. In: the 7th Baltic Atherosclerosis
Society Congress. (2018)
�